"The warning will be at the top of the search results page for regular searches and image searches and news searches," Google security engineer Damian Menscher told CNET this morning. "The text will say, 'Your computer appears to be infected,' and it will give additional detail warning them that they may not be able to connect to the Internet in the future."

DNSChanger worked by pointing infected computers to rogue Domain Name System servers that could, for instance, direct someone trying to connect to BankOfAmerica.com to a scam Web site.

The way the alerts work is both simple and clever: When one of the replacement servers operated by ISC under court order talk to Google's servers, they reply with a special Internet Protocol address. Because connections to that IP address can safely be assumed to be from infected PCs, the alerts can be displayed in search results.

Computers became infected with DNSChanger when they visited certain Web sites or downloaded particular software to view videos online. In addition to altering the DNS server settings, the malware also prevented antivirus updates from happening.

Google took similar steps last summer when it displayed security alerts to infected computers that were connecting through intermediary servers called proxies.